Motiva

DID YOU GET THE NOTICE ABOUT THE NEW CHANGES TO THE PENNSYLVANIA INFORMATION DATA SECURITY ACT AND

DON'T KNOW WHERE TO START?

Schedule a FREE Compliance Assessment to understand the reality of your current cybersecurity position & expose hidden vulnerabilities so we can take the appropriate action to satisfy compliance filing requirements.

YOU HAVE UNTIL APRIL 15th 2024 TO COMPLY

-
Days
-
Hours
-
Minutes
-
Seconds

Our Free Compliance Assessment Will Give You The Answers You Want, The Certainty You Need.

This Assessment will provide verification from a qualified third party on your PA IDSA Compliance posture, whether or not your current IT company is doing everything they should be, and if your business is at serious risk for hacker attacks, data loss and extended downtime, as well as how to solve these issues.

After this Assessment, you’ll get answers to questions such as:

  • Whether or not you're currently in Compliance with Cybersecurity Laws
  • Where you are overpaying (or getting underserved) for the services and support you are currently getting from your current IT company or team.
  • If you and your employees’ login credentials are being sold on the Dark Web.
  • IF your IT systems and data are truly secured from hackers, cybercriminals, viruses, worms and even sabotage by rogue employees.
  • IF your current backup would allow you to be back up and running again fast if ransomware locked all your files.
  • Do your employees truly know how to spot a phishing e-mail? We will actually put them to the test. We’ve never seen a company pass 100%. Never.
  • IF your IT systems, backup and data handling meet strict compliance requirements for data protection.
  • If your company (and your reputation) are at RISK and how your employees can work from home without compromising the security of your customers data.
  • How you could lower the overall costs of IT while improving communication, security and performance, as well as the productivity of your employees.

5 BIGGEST CHANGES
TO PIDSA LAW

Penetration Testing

- By simulating real-world cyberattacks, it provides a critical means for agencies to discover and rectify security weaknesses, ultimately improving overall security posture, reducing the risk of breaches, and safeguarding sensitive data and customer trust.

Endpoint Security and Encryption

- Protecting individual devices, such as computers, smartphones, and servers, from various cyber threats like malware and unauthorized access.
- Must encrypt PII data in rest and in transit, including emails.

- Must restrict access to data based on employee requirements for scope of work

Multi Factor Authentication

- Utilize MFA for local access to laptops and computers

- Combination of both a password and a secondary form of authentication.
- Remote access, Office 365 and More
- App or Token Based MFA preferred

Text-Based is no longer secure or recommended!

Employee Training

- Thorough and regular training against hacker tactics such as phishing and social engineering.

- Must conduct simulated attacks to test awareness and response.

- Provide feedback to employees and team on results of simulated attacks and response.

PROOF OF CYBERSECURITY IMPLEMENTATION

- Certifies entity complied during prior calendar year
- Must provide data and documentation to accurately demonstrate compliance in the form of reports, certifications or otherwise

- Must be available for audits


Entities must be able to report Cyber Breaches to the Pennsylvania Commissioner in no more than 5 days once discovered.

Must also include: details of the breach, data affected, actions taken, and proof of prior cybersecurity implementation & compliance

Walter Contreras, registered NY DFS instructor, Cybersecurity expert, and CEO of Motiva Networks understands how the world's digital transformation is impacting small to medium sized businesses. With over 25 years of experience in information technology and cybersecurity, his vision is clear - safeguarding and strengthening the digital backbone of business owners.